Commit Graph

527 Commits

Author SHA1 Message Date
Zoltan HERPAI
34bbbbf9c3 merge: base: update base-files and basic config
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2017-12-08 19:41:18 +01:00
Pierre Lebleu
832b6b8305 procd: service_data: Support data within the service itself
Use the same approach than the service_triggers for the service_data.

Signed-off-by: Pierre Lebleu <pme.lebleu@gmail.com>
2017-11-10 23:31:27 +01:00
Edmunt Pienkowsky
fdc7cc9907 base-files: add interval option to netdev LED trigger configuration
Add an uci option to set the interval parameter of the netdev trigger.

Signed-off-by: Edmunt Pienkowsky <roed@onet.eu>
2017-11-03 20:04:52 +01:00
Kevin Darbyshire-Bryant
7765e442d0 basefiles: allow suid coredumps
Set sysctl fs.suid_dumpable = 2

This allows suid processes to dump core according to kernel.core_pattern
setting.  LEDE typically uses suid to drop root priviledge rather than
gain it but without this setting any suid process would be unable to
produce coredumps (e.g. dnsmasq)

Processes still need to set a non zero core file process limit ('ulimit
-c unlimited' or if procd used 'procd_set_param limits
core="unlimited"') in order to produce a core.  This setting removes an
obscure stumbling block along the way.

>From https://www.kernel.org/doc/Documentation/sysctl/fs.txt

suid_dumpable:

This value can be used to query and set the core dump mode for setuid
or otherwise protected/tainted binaries. The modes are

0 - (default) - traditional behaviour. Any process which has changed
	privilege levels or is execute only will not be dumped.
1 - (debug) - all processes dump core when possible. The core dump is
	owned by the current user and no security is applied. This is
	intended for system debugging situations only. Ptrace is unchecked.
	This is insecure as it allows regular users to examine the memory
	contents of privileged processes.
2 - (suidsafe) - any binary which normally would not be dumped is dumped
	anyway, but only if the "core_pattern" kernel sysctl is set to
	either a pipe handler or a fully qualified path. (For more details
	on this limitation, see CVE-2006-2451.) This mode is appropriate
	when administrators are attempting to debug problems in a normal
	environment, and either have a core dump pipe handler that knows
	to treat privileged core dumps with care, or specific directory
	defined for catching core dumps. If a core dump happens without
	a pipe handler or fully qualifid path, a message will be emitted
	to syslog warning about the lack of a correct setting.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
2017-09-12 22:18:45 +02:00
Jo-Philipp Wich
5523ee3459 base-files: add "tty" user group
This is needed for an upcoming change to the hotplug default rules which
will cause /dev/tty* nodes to get assigned to the "tty" group in order
to support unprivileged user access when needed.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-26 10:02:20 +02:00
Alexandru Ardelean
c7ee30d53a base-files: fix default procd reload
Bug introduced with 6713694.

I did not count on procd handling reload as mentioned
in this doc:
https://wiki.openwrt.org/inbox/procd-init-scripts

```
procd_set_param file /var/etc/your_service.conf # /etc/init.d/your_service reload will restart the daemon if these files have changed
procd_set_param netdev dev # likewise, except if dev's ifindex changes.
procd_set_param data name=value ... # likewise, except if this data changes.
```

The service would be restarted regardless of any of those params.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-05-20 20:43:45 +02:00
Alexandru Ardelean
6713694fe4 base-files: use restart if no reload hook for service
This was also working before, with a slightly
different semantic.

[ Original semantic ]
If no reload hooks was implemented, the default one would
kick in, it would return fail, and restart would happen.

This would happen also in the case where a reload hook
would be implemented, it would fail, and it would restart
the service.

[ New semantic ]
The default reload hook calls restart.
Services can implement their own reload.

If reload fails, then the '/etc/init.d/<service> reload'
would return a non-zero code, and the caller can choose
a way to handle this.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-04-12 09:54:21 +02:00
Lucian Cristian
8e75efc0fb base-files: add submission service port
prevent postfix start failure fatal: 0.0.0.0:submission: Unrecognized service

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2017-03-11 05:53:33 +01:00
Matthias Schiffer
86ccaf4c18
base-files: fix user creation on sysupgrade with few opkg control files
If only a single opkg control file exists (which can happen with
CONFIG_CLEAN_IPKG), grep would not print the file name by default. Instead
of forcing it using -H, we just switch to -l (print only file names) and
get rid of the cut.

Add -s to suppress an error message when no control files exist.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-24 19:08:41 +01:00
Hans Dedecker
5f7a081553 base-files: add /etc/iproute2/rt_protos
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-01-18 13:15:28 +01:00
Matthias Schiffer
b9a408c2b4
base-files: add ARCH_PACKAGES to openwrt_release and os-release
Knowing the package architecture at runtime can be useful, e.g. to
configure opkg repository URLs. The value of ARCH_PACKAGES ("%A" in
VERSION_SED) as added to openwrt_release (as DISTRIB_ARCH) and os-release
(as LEDE_ARCH).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-16 13:29:47 +01:00
Alberto Bursi
8496659eb4 base-files: fix message of initscript wrapper
currently (after blogic's edit to my commit) it prints like this:

root@lede:/# service aa
aa does not exist. the following services are available :adblock       dnsmasq       gpio_switch   rpcd          system
boot          done          led           sqm           uhttpd
crelay        dropbear      log           sysctl        umount
cron          firewall      network       sysfixtime    urandom_seed
ddns          fstab         odhcpd        sysntpd

which looks pretty bad, and is even worse if someone writes only "service" without arguments, as it will print " does not exist. " which is confusing.

with this commit it looks like this:

root@lede:/# service
service "" not found, the following services are available:
adblock       dnsmasq       gpio_switch   rpcd          system
boot          done          led           sqm           uhttpd
crelay        dropbear      log           sysctl        umount
cron          firewall      network       sysfixtime    urandom_seed
ddns          fstab         odhcpd        sysntpd

Yes there is some play with " and ', it is to display "name" or just "" if no service name is entered (like in the example).

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2017-01-02 16:47:59 +01:00
Jo-Philipp Wich
5f3c96c285 build: adjust version number handling
Move the revision info to the VERSION_CODE variable and default VERSION_NUMBER
to CURRENT for master branch builds.

Also introduce a new menuconfig option CONFIG_VERSION_CODE which allows users
to override the revision value put into VERSION_CODE and adjust the template
files used by the base-files package to accomodate for the changed semantics.

While we're at it, also adjust the various URLs to match the current web site.

After this commit, the relevent files will look like the examples given below:

    # cat /etc/openwrt_version
    r2398+1

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='CURRENT'
    DISTRIB_REVISION='r2398+1'
    DISTRIB_CODENAME='reboot'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Reboot CURRENT r2398+1'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="CURRENT, Reboot"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Reboot CURRENT"
    VERSION_ID="current"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2398+1"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Reboot CURRENT r2398+1"

On a release branch, those files would look like:

    # cat /etc/openwrt_version
    r2399

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='16.12-CURRENT'
    DISTRIB_REVISION='r2399'
    DISTRIB_CODENAME='test_release'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Test Release 16.12-CURRENT r2399'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="16.12-CURRENT, Test Release"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Test Release 16.12-CURRENT"
    VERSION_ID="16.12-current"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2399"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Test Release 16.12-CURRENT r2399"

On a release tag, those files would look like:

    # cat /etc/openwrt_version
    r2500

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='17.02.1'
    DISTRIB_REVISION='r2500'
    DISTRIB_CODENAME='mighty_unicorn'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Mighty Unicorn 17.02.1 r2500'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="17.02.1, Mighty Unicorn"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Mighty Unicorn 17.02.1"
    VERSION_ID="17.02.1"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2500"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Mighty Unicorn 17.02.1 r2500"

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-12-02 16:02:02 +01:00
Alberto Bursi
d52676d1ea base-files: add a wrapper for init scripts in profile
"service" is a simple wrapper that will allow to call init.d scripts

current method:     #  /etc/init.d/network reload
with the wrapper:   #  service network reload

If the wrapper is called without arguments or with a wrong init script name, it will print an error and list the content of /etc/init.d/ folder

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-29 21:12:08 +01:00
Marek Lindner
9978a3e2ca base-files: Prefer busybox arp over /proc/net/arp alias
A firmware compiled with BUSYBOX_CONFIG_ARP should also use by default the
arp binary from busybox. Otherwise the extra functionality the user
requested can only be used when running arp with the path to the binary.

Signed-off-by: Marek Lindner <marek.lindner@open-mesh.com>
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
2016-11-10 16:12:52 +01:00
Christian Lamparter
5f8f8a3661 base-files, mac80211, broadcom-wl: wifi detection and configuration
Currently, the wifi detection script is executed as part of
the (early) boot process. Pluggable wifi USB devices, which
are inserted at a later time are not automatically
detected and therefore they don't show up in LuCI.

A user has to deal with wifi detection manually, or restart
the router.

However, the current "sleep 1" window - which the boot
process waits for wifi devices to "settle down" - is too
short to detect wifi devices for some routers anyway.

For example, this can happen with USB WLAN devices on the
WNDR4700. This is because the usb controller needs to load
its firmware from UBI and initialize, before it can operate.

The issue can be seen on a BT HomeHub 5A as well as soon as
the caldata are on an ubi volume. This is because the ath9k
card has to be initialized by owl-loader first. Which has to
wait for the firmware extraction script to retrieve the pci
initialization values inside the caldata.

This patch moves the wifi configuration to hotplug scripts.
For mac80211, the wifi configuration will now automatically
run any time a "ieee80211" device is added. Likewise
broadcom-wl's script checks for new "net" devices which
have the "wl$NUMBER" moniker.

Issues with spawning multiple interface configuration - in
case the detection script is run concurrently - have been
resolved by using a named section for the initial
configuration. Concurrent configuration scripts will now
simply overwrite the same existing configuration.

A workaround which preserves the "sleep 1" window for just
the first boot has been added. This allows the existing
brcm47xx boot and mvebu uci-default scripts to correctly
setup the initial mac addresses and regulatory domain.

And finally, the patch renames the "wifi detect" into
"wifi config". As the script no longer produces any output
that has to be redirected or appended to the configuration
file.

Thanks to Martin Blumenstingl for helping with the implementation
and testing of the patch.

Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Mathias Kresin <dev@kresin.me>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-03 11:08:01 +01:00
Christian Lamparter
5e35b4562f base-files, mac80211, broadcom-wl: use uci to populate wireless config
Previously, wifi detect simply dumped its generated wireless
configuration to STDOUT. A second step was needed to append
the configuration to /etc/config/wireless (or create it, if
it didn't exist).

With this patch, The wifi detection script will now use uci
to update the wireless configuration directly.

This patch also makes the initially created wifi-iface a
named section ('default_radio$X' for mac80211 and
'default_wl$X' for broadcom). With this change, uci will
not print the cfgHASH to STDOUT (which would now corrupt
the wireless configuration). It will also prevent adding
duplicated wifi interface configurations, if the wifi
configuration is run concurrently.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-03 11:08:01 +01:00
Petr Štetiar
9e8e8b7253 base-files: sysfixtime: Keep RTC time in UTC timezone
We need to tell hwclock with -u commandline option, that we would like
to keep our RTC clock in UTC timezone. Linux kernel expects RTC in UTC
timezone anyway.

In current state of things, we don't tell hwclock to load/store time
from/to RTC in UTC timezone so it uses the timezone from the system
time. If it's set to different timezone then UTC, sysfixtime is going to
screw the time in RTC.

I've following in the setup script:

  uci set system.@system[0].timezone='CET-1CEST,M3.5.0,M10.5.0/3'
  uci set system.@system[0].zonename='Europe/Prague'

I've this RTC setup (rtc1 is RTC on i.MX6 SoC, rtc0 is battery backed RTC mcp7941x):

  rtc-ds1307 3-006f: rtc core: registered mcp7941x as rtc0
  snvs_rtc 20cc000.snvs:snvs-rtc-lp: rtc core: registered 20cc000.snvs:snvs-r as rtc1

Then we can experience following (current time is 10:15am):

	$ date
	Fri Oct 21 10:15:07 CEST 2016

	$ hwclock -r -f /dev/rtc0
	Fri Oct 21 08:14:46 2016  0.000000 seconds

	$ hwclock -u -r -f /dev/rtc0
	Fri Oct 21 10:14:46 2016  0.000000 seconds

And after current broken sysfixtime:

	$ /etc/init.d/sysfixtime stop

	$ date
	Fri Oct 21 10:15:25 CEST 2016

	$ hwclock -r -f /dev/rtc0
	Fri Oct 21 10:15:31 2016  0.000000 seconds

Now we've time in our battery backed RTC in CEST timezone instead of
UTC.  Then once again, but with this patch applied to sysfixtime, where
hwclock is using correctly the -u parameter:

	$ /etc/init.d/sysfixtime stop

	$ date
	Fri Oct 21 10:15:53 CEST 2016

	$ hwclock -r -f /dev/rtc0
	Fri Oct 21 08:15:55 2016  0.000000 seconds

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2016-10-31 16:33:19 +01:00
Chris Blake
b745bfa6dc base-files: Ensure reset only works if an overlay exists
Currently the reset script will try to run jffs2reset on boards that are
running a rw rootfs, such as ext4. This will cause jffs2reset to fail
and the board to never reboot while the LED blinks until a manual
reboot.

This commit does two different things:
1. Disables reset on boards that do not have an overlay mount
2. Disables the Blinking LED after 5 seconds if the board does not
support reset

Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
2016-10-27 12:45:05 +02:00
Rafał Miłecki
2187f57db6 base-files: add ucidef_set_led_usbport for full usbport support
This helper allows using usbport trigger directly. It requires usbport
compatible syntax and supports specifying multiple USB ports, e.g.:
ucidef_set_led_usbport "usb" "USB" "devicename:colour:function" "usb1-port1" "usb2-port1"

This adds a proper object to the board.json, e.g.
"usb": {
	"name": "USB",
	"type": "usbport",
	"sysfs": "devicename:colour:function",
	"ports": [
		"usb1-port1",
		"usb2-port1"
	]
}
and supports translating it into uci section.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-22 11:16:01 +02:00
Rafał Miłecki
0658527e1e switch to the new usbport LED trigger
This makes init.d script handle existing UCI entries using the new
trigger. It also switches all targets to use its package.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-19 12:09:45 +02:00
Pierre Lebleu
6bb11d52f3 procd: Allow initscripts to start one daemon instance at a time
Signed-off-by: Pierre Lebleu <pierre.lebleu@technicolor.com>
2016-10-18 08:53:38 +02:00
Matthias Schiffer
6c1542787d
base-files: fix check for empty password warning
Now that we know that the password is in /etc/shadow and not in
/etc/passwd, we can properly fix the logic for the empty password check.
Only 'root::' is an empty password, 'root' and 'root:!:' allow no
password login at all.

This fixes the empty password warning still showing after the root password
has been locked using 'passwd -l root' (e.g. to allow public-key auth
only).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-26 17:57:56 +02:00
Jo-Philipp Wich
1c09849f6c treewide: remove bad local shell variable declarations
Local variable declarations outside of functions are illegal since the Busybox
update to v1.25.0, therfore remove them from the appropriate places.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-24 14:38:20 +02:00
John Crispin
63bd73a5cf base-files: remind users to set root password
print a warning when a shell spawns, telling users to set a root password.

Signed-off-by: John Crispin <john@phrozen.org>
2016-09-19 15:30:32 +02:00
Felix Fietkau
25dab5d217 base-files: reduce vm.min_free_kbytes for devices with 32M RAM
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-16 16:44:45 +02:00
Karl Palsson
ad8d197b82 base-files: support oneshot leds properly.
oneshot trigger configurations for LEDs are created, but the on/off
timing configurations are ignored.  generate_config is correctly creating
oneshot configs, but the later led script doesn't recognise the trigger
details.

Fixes: c0c3f2d4c9 leds: support oneshot as well as timer triggers
Signed-off-by: Karl Palsson <karlp@etactica.com>
2016-09-05 07:27:15 +02:00
Jonas Gorski
e934a129f0 base-files: let config_generate call board_detect
Instead of board_detect generating the config as a side effect, let
config_generate call board_detect as needed.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:49:46 +02:00
Mathias Kresin
5fadd4397b preinit: use only the image config options
The pi_* variables and the fs_failsafe_wait_timeout variable are set by
the CONFIG_TARGET_PREINIT_* config options. No need to maintain the same
values twice.

All other fs_ variables were never used.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-08-10 03:04:08 +02:00
Felix Fietkau
577f873daf kernel: remove unused morse led trigger driver
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00
Daniel Golle
877168993a base-files: remove dead code
/etc/init.d/boot tried to create /dev/root based on the kernel's
cmdline which won't work on any recent targets. Remove that code now
that fstools can detect the mounted rootfs based on
/proc/self/mountinfo and /dev/root was long gone anyway.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-08-04 18:19:46 +02:00
Felix Fietkau
5c9cc7b7f8 base-files: increase vm.min_free_kbytes
Network drivers typically allocate memory in atomic context. For that to
be reliable, there needs to be enough free memory. Set the value
heuristically based on the total amount of system RAM.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-01 14:53:27 +02:00
Etienne CHAMPETIER
35e423ca41 base-files: use procd init for urandom_seed
Previous implementation was blocking the init and
breaking halt/reboot/sysupgrade (reported by Daniel Golle)

v2: use procd logging, use set -e + trap for error handling

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
Tested-by: Daniel Golle <daniel@makrotopia.org>
2016-07-27 01:24:54 +02:00
Etienne CHAMPETIER
3946a55291 base-files: seed /dev/urandom
This commit:
1) seed /dev/urandom with the saved seeds as early as possible
   (see /lib/preinit/81_urandom_seed)
2) save a seed at /etc/urandom.seed if it doesn't exists
3) save a new seed each boot at "system.@system[0].urandom_seed"
   (see /etc/init.d/urandom_seed)

We use getrandom() so we are sure /dev/urandom pool is initialized

Seed size is 512 bytes (ie /proc/sys/kernel/random/poolsize / 8)
it's the same size as in ubuntu 14.04 and all systemd systems

Seeding /dev/urandom doesn't change entropy estimation, so we still have
"random: ubus urandom read with 4 bits of entropy available"
messages in the logs, but we can now ignore them if
after "urandom-seed: Seeding with ..." message

Saving a new seed on each boot is disabled by default to avoid too much
writes without user consent

v2: log preinit messages to /dev/kmsg
v3: use non generic function name for logging, as /lib/preinit/ files
    are all sourced together in /etc/preinit
v4: after a lot of discussion on the ML, use a uci config param
v5: config param is now the path of the seed

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2016-06-30 22:48:39 +02:00
Kevin Darbyshire-Bryant
d4ede1c118 base-files: sysfixtime no longer exclude dnsmasq.time
dnsmasq's dnssec time checking method now uses a ntp hotplug mechanism,
therefore dnsmasq.time is redudant and no longer needs to be explicitly
excluded from sysfixtime.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-06-24 13:56:30 +02:00
Daniel Dickinson
f954f4337b base-files: Add standard os-release file
/etc/os-release is the standard distribution release information
file, therefore add it (and image configuration options for
fields not previously present in LEDE).  Once it is deemed
reasonable the non-standard openwrt_release, openwrt_version,
and device_info files could be removed (that is with this patch
we consider them deprecated in favour of the standard file).

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-06-24 13:52:53 +02:00
John Crispin
87eb8fad13 base-files: remove fstab symlink
the symlink no longer gets used since we switched to the block-mount tool.

Signed-off-by: John Crispin <john@phrozen.org>
2016-06-17 04:13:07 +02:00
Jo-Philipp Wich
35b33f0413 base-files: maintain LED config state
Record the state of any hardware LED configured through UCI and use that
information to revert the state when applying updated settings while
maintaining default behaviour of system LEDs.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-08 10:34:50 +02:00
Jo-Philipp Wich
924302ba36 base-files: drop /etc/config/system
The board_detect framework is now able to create the entire system config from
scratch so we can finally drop the copy shipped by base-files.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-08 00:34:02 +02:00
Jo-Philipp Wich
33a4d22f4c base-files: reset LED state
Attempt to reset all LED states before applying the UCI configuration to
avoid leaving disabled LEDs behind in lingering glowing state, e.g. when
changing the sysfs entry in the config from one hardware LED to another.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-07 23:01:58 +02:00
Hannu Nyman
3193053df7 Centralize setting of all version info to include/version.mk
Centralize setting all version information in include/version.mk
* Set RELEASE env variable in include/version.mk instead of toplevel.mk.
  Stop exporting the variable.
* Remove hardcoded release name from /etc/banner

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-05-24 13:30:58 +02:00
Kevin Darbyshire-Bryant
8d105653b1 base-files: sysfixtime typo in exclude dnsmasq.time
Typo, missing space before ] in previous commit caused shell syntax
failure and incorrect restoration of time.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-05-19 18:14:28 +02:00
Kevin Darbyshire-Bryant
2b1556d3e0 base-files: sysfixtime exclude dnsmasq.time
dnsmasq maintains dnsmasq.time across reboots and uses it as a means of
determining if current time is good enough to validate dnssec time
stamps.  By including /etc/dnsmasq.time as a time source for sysfixtime,
the mechanism was effectively defeated because time was set to the
last time that dnsmasq considered current even though that time is in
the past.  Since that time is out of date, dns(sec) resolution would
fail thus defeating any ntp based mechanisms for setting the clock
correctly.

In theory the process is defeated by any files in /etc that are newer
than /etc/dnsmasq.time however dnsmasq now updates the file's timestamp
on process TERM so hopefully /etc/dnsmasq.time is the latest file
timestamp in /etc as part of LEDE shutdown/reboot.

Either way, including /etc/dnsmasq.time as a time source for
sysfixtime is not helpful.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-05-19 10:28:18 +02:00
Jo-Philipp Wich
21f460e0c1 Revert "base-files: sysfixtime exclude dnsmasq.time"
This reverts commit 382779e009.

Reverting this commit due to a missing Signed-off-by.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-05-19 10:28:11 +02:00
Kevin Darbyshire-Bryant
382779e009 base-files: sysfixtime exclude dnsmasq.time
dnsmasq maintains dnsmasq.time across reboots and uses it as a means of
determining if current time is good enough to validate dnssec time
stamps.  By including /etc/dnsmasq.time as a time source for sysfixtime,
the mechanism was effectively defeated because time was set to the
last time that dnsmasq considered current even though that time is in
the past.  Since that time is out of date, dns(sec) resolution would
fail thus defeating any ntp based mechanisms for setting the clock
correctly.

In theory the process is defeated by any files in /etc that are newer
than /etc/dnsmasq.time however dnsmasq now updates the file's timestamp
on process TERM so hopefully /etc/dnsmasq.time is the latest file
timestamp in /etc as part of LEDE shutdown/reboot.

Either way, including /etc/dnsmasq.time as a time source for
sysfixtime is not helpful.
2016-05-18 22:17:33 +02:00
Vittorio G (VittGam)
d742e1b513 base-files: Enhancements to /etc/profile
- Update the terminal window title with the current directory and hostname, if using an xterm-compatible terminal emulator.
- Add ll, an useful alias to ls.

Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
2016-05-14 16:53:10 +02:00
Jo-Philipp Wich
a6f76bffd8 signing: remove unatteded build key and use current keyring instead
Remove the public unatteded buildkey from the opkg package to avoid
having hardcoded keys in tree. Use the external keyring package instead
which can be easily updated by users.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-30 20:39:23 +02:00
John Crispin
4a8e960c62 base-files: fix group/user settings after sysupgrade
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-29 04:15:34 +02:00
John Crispin
d72e538e89 base-files: add new public key used by unattended builds
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-29 04:15:34 +02:00
John Crispin
dc92917409 image / basefiles: make console password configurable
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-18 21:53:07 +02:00
John Crispin
fa69553900 branding: add LEDE branding
Signed-off-by: John Crispin <blogic@openwrt.org>
2016-03-24 22:40:13 +01:00
Felix Fietkau
285d9e364e base-files: add support for speed mask to switch config init scripts
This patch adds extra parameter to switch LED trigger initialization
functions.  New functionality maintains backward compatibility, so
calling functions without setting new speed_mask parameter works
as expected.

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>

SVN-Revision: 48776
2016-02-25 13:31:29 +00:00
Jo-Philipp Wich
117cef6d44 base-files: add netifd's default prelocal table to /etc/iproute2/rt_tables
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48685
2016-02-09 12:34:05 +00:00
Jo-Philipp Wich
cc289e0adb base-files: honor CONFIG_TARGET_INIT_PATH
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48678
2016-02-08 14:28:50 +00:00
John Crispin
e2fd1adaf5 base-files: For sysfixtime use hwclock if RTC available
On systems that have an RTC prefer it to the file-based time fixup (i.e.
use hwclock when there is a permanent clock instead of the faked up time
logic that is needed when there is not RTC).

We can't rely on hctosys kernel feature either as we're usually using
RTC as kernel modules which are usually being loaded after hctosys was
run, leading in the following error:

  hctosys: unable to open rtc device (rtc0)

Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>

SVN-Revision: 48661
2016-02-08 08:25:53 +00:00
Felix Fietkau
57776e68ce base-files: remove default /etc/config/network, generate it via board.d instead
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48493
2016-01-25 16:30:41 +00:00
John Crispin
3f78186f76 base-files: allow timezone to be overriden by zonename (proper zoneinfo support)
Signed-off-by: Roman Yeryomin <roman@advem.lv>

SVN-Revision: 47980
2015-12-23 14:44:31 +00:00
John Crispin
2f42d9e27d base-file: remove /tmp/.jail (now useless)
Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>

SVN-Revision: 47855
2015-12-11 15:06:31 +00:00
John Crispin
ec6b85ca0e base-files: use max_brightness to set LED
LEDs which are controlled by a PWM need to use the supplied
max_brightness instead. Otherwise they might appear to be
very dim / broken.

Signed-off-by: Chris R Blake <chrisrblake93@gmail.com>

SVN-Revision: 47854
2015-12-11 15:06:11 +00:00
John Crispin
18691109df base-files: show hint when JFFS2-partition is full and overlayfs mounted read-only
since r45833 and r45848 the overlayfs is automatically mounted read-only
(and blocks remounts as r/w) when JFFS2 is full. see ticket #19564

because of this normal file deletion is not possible anymore.
if a user logins interactively (e.g. SSH) show a hint for this,
that files must be removed in /overlay/upper/...

v2: fix subject line

Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>

SVN-Revision: 47623
2015-11-24 18:32:09 +00:00
Hauke Mehrtens
f1894ad167 base-files: add DCCP to /etc/protocols
Fixes this conntrackd warning:
WARNING: getprotobyname() cannot find protocol `DCCP' in /etc/protocols

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 47481
2015-11-15 22:09:13 +00:00
John Crispin
1c74d046ed base-files: create /var/tmp on boot
FHS mandates presence of /var/tmp on compliant systems.

The lack of /var/tmp was discovered when using MIT Kerberos libraries
which default to that location for storing credentials cache.

Signed-off-by: Paul Fertser <fercerpav@gmail.com>

SVN-Revision: 47219
2015-10-19 10:09:46 +00:00
Steven Barth
468c1fb320 base-files: revert to default ECN settings
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 47160
2015-10-07 21:11:24 +00:00
John Crispin
ce9da6e6af base-files: add URL option for OEM manufacturer info
This URL can be embedded e.g. within UPnP announcements where a link
to the manufacturer's homepage is desired.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

SVN-Revision: 47135
2015-10-05 10:28:53 +00:00
Steven Barth
d7023fc0bc base-files: sanitize and unify $PATH
Previously init and hotplug paths were different from console.

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 47080
2015-10-02 08:24:32 +00:00
John Crispin
ef2f50829d base-files: add /etc/profile.d support
OpenWrt should support an optional /etc/profile.d directory like
most other Linux distributions. This allows packages to install
their own scripts into /etc/profile.d/ directory.

The file suffix should make clear, that these scripts
are (sourced) shell-snippets. If the user needs e.g. php or lua,
one must make sure that the interpreter is called.
The reverse failsafe test makes sure, that the effective returncode is 0.

A typcal usecase is the inclusion of private helpers,
special variables or aliases, which at the moment needs
patching the sourcecode and is not well maintainable.
Now the builder can simply add there files.

v1 initial work of Hendrik Lüth <hendrik@linux-nerds.de>
v2 changes regarding RFC (e.g. thomas.langer@lantiq.com)
v3 changes regarding RFC (e.g. mschiffer@universe-factory.net)
v4 keep it simple and mimic OpenWrt style

Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>

SVN-Revision: 46965
2015-09-16 08:32:13 +00:00
Felix Fietkau
796a2d032b base-files: fix typo in core dump pattern sysctl entry (fixes #20489)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46890
2015-09-12 08:57:59 +00:00
Felix Fietkau
ced2b641e2 base-files: set kernel.core_pattern in sysctl.conf
Move the pattern setting from netifd's service script to
/etc/sysctl.conf.  Put the timestamp component '%t' just after
executable name '%e' for more natural order from output of ls command.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

SVN-Revision: 46867
2015-09-11 16:35:17 +00:00
Rafał Miłecki
56c926223e base-files: change banner to Designated Driver release
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 46846
2015-09-11 08:56:37 +00:00
Steven Barth
00045fe9d0 base-files: add /etc/iproute2/rt_tables, replace ifconfig-usage
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46830
2015-09-08 17:44:13 +00:00
Jo-Philipp Wich
3d1890053c base-files: add /etc/hosts entries for ::1, ff02::1 and ff02::2
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 46771
2015-09-02 11:54:03 +00:00
John Crispin
9b0516c9fc base-files: rework reset button script to indicate factory reset
With this change we let user know 5 seconds have passed and reset button
can be released (to trigger factory reset)

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 46650
2015-08-17 06:16:39 +00:00
Rafał Miłecki
567d2ab3f8 base-files: buttons: make power script return 0
It was missed in the r46471.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 46582
2015-08-12 00:57:53 +00:00
John Crispin
e7b34b2b0d buttons: make all button handler scripts return 0
this is required by the new button timeout feature

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 46471
2015-07-24 09:11:35 +00:00
John Crispin
cf4a0d430b base-files: fix /tmp/.jail permissions
We need a+x rights on the path to the root of the jails
so we can use users other than root (like nobody)

This partly fixes jailed dnsmasq

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>

SVN-Revision: 46466
2015-07-24 09:11:00 +00:00
John Crispin
d0d3ca2a1b base-files: added option to configure the gpio led trigger in uci-defaults
Signed-off-by: Günther Kelleter <guenther.kelleter@devolo.de>

SVN-Revision: 46341
2015-07-14 07:35:59 +00:00
John Crispin
d65916047b base-files: implemented basic GPIO control
Internal GPIO pins are used for PoE passthrough setups in multi-port
routers. This patch implemnets control over this hardware feature for
Ubiquiti Nanostations and TP-Link CPE510.

Signed-off-by: Lars Kruse <lists@sumpfralle.de>

SVN-Revision: 46271
2015-07-08 14:25:52 +00:00
John Crispin
3787c32183 sysctl: read settings from /etc/sysctl.d/*.conf
This changes makes it possible to store custom settings
in individual files inside the directory /etc/sysctl.d/.

Signed-off-by: Stefan Tomanek <stefan.tomanek+openwrt@wertarbyte.de>

SVN-Revision: 46239
2015-07-07 13:47:23 +00:00
Felix Fietkau
908e1b4c41 base-files: add openwrt snapshot key
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45905
2015-06-05 18:21:53 +00:00
Felix Fietkau
2659762e62 base-files: fix logic error in led default handling (patch from #19593)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45600
2015-05-03 18:04:27 +00:00
Felix Fietkau
93fb3cac1b base-files: reorder led trigger/brightness writes
Depending on configuration, disable the LED before writing the trigger
and enable it after writing it. Fixes LEDs where the value defaults to 1

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45463
2015-04-16 20:09:30 +00:00
John Crispin
4cf7929869 base-files: add a init.d option that will start the syscall tracer
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45009
2015-03-26 10:58:17 +00:00
John Crispin
5b23cfab73 base-files: create jail folder on boot
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45008
2015-03-26 10:58:11 +00:00
Felix Fietkau
889e1e4bff fstools: update to the latest version, makes interrupted first boot more reliable
Use xattr to store the filesystem initialization state of the overlay.
As long as the filesystem is not marked as initialized yet (happens in
/etc/init.d/done), all overlay data (except for sysupgrade.tgz) will be
discarded before the system is allowed to boot

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 44942
2015-03-22 15:11:27 +00:00
Felix Fietkau
bc1fc688af base-files: keep sysupgrade.tgz until /etc/init.d/done has been called
This makes interrupted boots after sysupgrade more reliable

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 44941
2015-03-22 15:11:20 +00:00
Felix Fietkau
f30358d41a kernel: remove the netfilter optimization that skips the filter table, it has caused too many issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 44873
2015-03-17 17:14:48 +00:00
John Crispin
b54f3ad6e7 base-files: fix led script to skip missing triggers
this is based on http://patchwork.ozlabs.org/patch/424451/

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 44087
2015-01-23 12:33:04 +00:00
John Crispin
829bf6b9a1 failsafe-mode: print short help on commandline
[base-files] failsafe-mode: print short help on commandline

Like mentioned in ticket https://dev.openwrt.org/ticket/11911
this should make the IRC much quieter. Failsafe is somehow
special and even experienced users are helpless, because they
are not used to this seldom situation. Also: likely you have
no internet access in this mode, so you cannot use the wiki.

a failsafe-session now looks like this:
first we see from 'package/base-files/files/bin/login.sh' the hint:

 === IMPORTANT ============================
  Use 'passwd' to set your login password
  this will disable telnet and enable SSH
 ------------------------------------------

after this the /etc/banner ("OpenWrt - wireless freedom")
and then the new text:

================= FAILSAFE MODE active ================
special commands:
* firstboot          reset settings to factory defaults
* mount_root     mount root-partition with config files

after mount_root:
* passwd                         change root's password
* /etc/config               directory with config files

for more help see:
http://wiki.openwrt.org/doc/howto/generic.failsafe
=======================================================

this supersedes the old patches:
http://patchwork.openwrt.org/patch/3337/
http://patchwork.openwrt.org/patch/3553/

Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>

SVN-Revision: 42985
2014-10-20 06:29:05 +00:00
Steven Barth
c118e5edf4 network: Unbind DHCPv6 from underlying interfaces
This allows IPv6 to set up without IPv4 being up thus
IPv6-only or IPv6+DS-Lite working with the default config.

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 42848
2014-10-08 13:08:05 +00:00
Steven Barth
8a971b2770 base-files: remove a 'not found' error message during system boot
During boot, a not found message is displayed for systems which do
not have uci 'network.globals.ula_prefix' defined in
/etc/config/network. The error message itself is not used and can
be ignored.

Signed-off-by: Michel Stam <m.stam@fugro.nl>

SVN-Revision: 42755
2014-10-03 10:56:43 +00:00
John Crispin
2ae05c57f8 package/*: remove useless explicit set of function returncode
somebody started to set a function returncode in the validation
stuff and everybody copies it, e.g.

myfunction()
{
	fire_command

	return $?
}

a function automatically returns with the last returncode,
so we can safely remove the command 'return $?'. reference:

http://tldp.org/LDP/abs/html/exit-status.html
"The last command executed in the function or script determines the exit status."

Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>

SVN-Revision: 42278
2014-08-25 06:35:50 +00:00
Steven Barth
929e73c7b6 base-files: increase igmp_max_memberships to improve multicast-proxy handling
SVN-Revision: 42227
2014-08-20 10:18:40 +00:00
John Crispin
562d9f9582 base-files: add a hardware detection layer
this allows targets to use the new uci-default helper which will generate
a file called /etc/board.json. a tool called /bin/config_generate can then
be used to generate the default uci settings.

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 42185
2014-08-18 13:09:17 +00:00
Felix Fietkau
517ad9ff0d base-files: enable option to skip the netfilter "filter" table for established connection packets by default
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42048
2014-08-07 19:30:36 +00:00
Felix Fietkau
d5653558ac base-files: properly escape strings for version info
Make sure they don't break the sed command, and also make device_info
and openwrt_release more robust for parsing by scripts

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41885
2014-07-29 13:30:23 +00:00
Felix Fietkau
dbb77e39a0 base-files: add extra version configuration options for OEM manufacturer info
Creates /etc/device_info which will be used to fill in information for
WPS and other protocols that need manufacturer/device information

This helps with creating OpenWrt firmware for OEM or rebranded devices.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41884
2014-07-29 13:30:12 +00:00
Imre Kaloz
ad27df85b7 BB is branched, get ready for Chaos Calmer
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 41870
2014-07-29 08:24:57 +00:00
John Crispin
3c9cfbeebd base-files: Remove stale calls to start() in initscripts.
based on http://patchwork.openwrt.org/patch/5969/

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 41840
2014-07-26 20:36:15 +00:00
Felix Fietkau
59cfa05bf3 base-files: adjust the default netfilter tcp established connection timeout as per RFC 5382 (#17098)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41599
2014-07-13 10:24:34 +00:00
Felix Fietkau
d288a7903d rc.common: when reloading a service using procd, fall back to calling start instead of restart
This avoids unnecessary service restarts

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41490
2014-07-03 06:21:49 +00:00